package com.shiro;

import java.util.HashSet;
import java.util.List;
import java.util.Set;

import org.apache.shiro.SecurityUtils;
import org.apache.shiro.authc.AuthenticationException;
import org.apache.shiro.authc.AuthenticationInfo;
import org.apache.shiro.authc.AuthenticationToken;
import org.apache.shiro.authc.SimpleAuthenticationInfo;
import org.apache.shiro.authc.UnknownAccountException;
import org.apache.shiro.authz.AuthorizationInfo;
import org.apache.shiro.authz.SimpleAuthorizationInfo;
import org.apache.shiro.realm.AuthorizingRealm;
import org.apache.shiro.subject.PrincipalCollection;
import org.springframework.beans.factory.annotation.Autowired;

import com.Framework.util.Tools;
import com.common.utils.ShiroUtils;
import com.workcenter.entity.Sys.SysUserDO;
import com.workcenter.entity.shiro.PermsEntity;
import com.workcenter.entity.shiro.RoleEntity;
import com.workcenter.entity.shiro.UserEntity;
import com.workcenter.service.ShiroService;



public class UserRealm extends AuthorizingRealm {

  @Autowired
  private ShiroService shiroService;

  @Override
  protected AuthorizationInfo doGetAuthorizationInfo(PrincipalCollection principals) {

    Long userId = ShiroUtils.getUserId();
    SimpleAuthorizationInfo authorizationInfo = new SimpleAuthorizationInfo();

    //添加角色
    List<RoleEntity> listRole = shiroService.findRoles(userId);
    if (Tools.CheckTools.checkEmpty(listRole)) {
      throw new UnknownAccountException();//没找到帐号  
    }

    Set set = new HashSet();
    for (RoleEntity role : listRole) {
      set.add(role.getRoleName());
    }
    authorizationInfo.setRoles(set);

    //添加权限
    List<PermsEntity> listPerms = shiroService.findPerms(userId);
    if (Tools.CheckTools.checkEmpty(listPerms)) {
      throw new UnknownAccountException();//没找到帐号  
    }
    Set set2 = new HashSet();
    for (int i = 0; i < listPerms.size(); i++) {
      PermsEntity perms = listPerms.get(i);
      set2.add(perms);
    }
    authorizationInfo.setStringPermissions(set2);

    return authorizationInfo;
  }

  @Override
  protected AuthenticationInfo doGetAuthenticationInfo(AuthenticationToken token)
      throws AuthenticationException {

    String username = (String) token.getPrincipal();
    List<UserEntity> userList = shiroService.findUser(username);

    if (Tools.CheckTools.checkEmpty(userList)) {
      throw new UnknownAccountException();//没找到帐号  
    }

    UserEntity user = userList.get(0);
    SysUserDO sysDao = new SysUserDO();
    sysDao.setUserId(Long.parseLong(user.getUserId()));
    sysDao.setName(user.getName());
    sysDao.setUsername(user.getUserName());
    sysDao.setPassword(user.getPassword());
    //交给AuthenticatingRealm使用CredentialsMatcher进行密码匹配，如果觉得人家的不好可以自定义实现  
    SimpleAuthenticationInfo authenticationInfo = new SimpleAuthenticationInfo(sysDao, //用户名  
        user.getPassword(), getName() //realm name  
        );

    return authenticationInfo;
  }

  //清除缓存
  public void clearCached() {
    PrincipalCollection principals = SecurityUtils.getSubject().getPrincipals();
    super.clearCache(principals);
  }
}
